AquinasTraining.co.uk - training courses.

ISS: SiteProtector: Advanced SiteProtector

ISS ASP      Course duration (days): 1
Availability
Schedule available upon request within 24 hours.

About this class

The SiteProtector application provides scalable, centralised security management and data analysis capabilities for Proventia appliances and RealSecure network, server and desktop protection solutions.

SiteProtector simplifies large-scale deployments through cost-efficient, unified command, control and monitoring, thereby reducing security management demands on staff, network traffic or other operational resources. Event prioritisation and correlation enable real-time attack and misuse tracking.

The SiteProtector interface helps administrators work more efficiently through flexible views built around asset grouping and event aggregation. Powerful filters screen for event exceptions and false alerts. In addition, SiteProtector automates Proventia and RealSecure deployments, and enables multiple site management via secure remote administration.

This two-day course provides "under the hood" training in the advanced workings of the SiteProtector application's architecture and functions, and features demonstrations of tips and tricks that enable students to use this best-of-breed intrusion protection product more effectively. Topics include SiteProtector component communication, sensor and appliance data paths, the SiteProtector SecurityFusion Module, the SiteProtector Third Party Module, and Event Collector failover strategy.

Who will the lesson benefit?

  • This course is intended for professionals engaged in assessing security and securing information assets.
  • Participants should have a working knowledge of RealSecure products and/or Proventia appliances, or they should have attended the Introduction to SiteProtector class.

What prerequisites are required?

Participants should have a working knowledge of ISS Intrusion Protection products, or they should have attended the Introduction to SiteProtector class.

Contents of this class

Key Instructional Focus and Objectives

  • Automated installation of RealSecure components
  • SiteProtector communication channels
  • Underlying processes used to configure Proventia appliances and RealSecure sensors
  • Sensor Controller Diagnostic utility
  • Memory Configurator utility
  • SiteProtector data paths
  • Protocol Analysis
  • Advanced features used to create user defined event signatures
  • Regular expressions used to enhance SiteProtector signatures
  • Tcl scripts used with Server Sensor
  • SiteProtector SecurityFusion Module
  • Trons implementation and supported Trons syntax
  • Recognising and managing false positives
  • Capturing evidence packets using SiteProtector assets
  • RealSecure SiteProtector Event Viewer
  • Using Ethereal to examine evidence files

Key Hands-on Lab Focus and Objectives

  • Modify default communication ports
  • Manually edit policy files
  • Create events to audit files and Registry keys
  • Incorporate regular expressions and Tcl scripts in event signatures
  • Install and configure the SiteProtector SecurityFusion
  • Configure Trons rules
  • Use advanced parameters to monitor a system
  • Tune SiteProtector advanced parameters
  • Filter and view events using the RealSecure SiteProtector Event Viewer
  • Examine SiteProtector packet capture files
  • Install and configure the SiteProtector Third Party
  • Implement Event Collector stacking
  • Enable Multi-Protocol encryption